A snippet of p-code that can be executed outside of normal analysis. More...
#include <pcodeinject.hh>
Public Member Functions | |
| ExecutablePcode (Architecture *g, const string &src, const string &nm) | |
| Constructor. More... | |
| virtual string | getSource (void) const |
| Return a string describing the source of the injection (.cspec, prototype model, etc.) | |
| uintb | evaluate (const vector< uintb > &input) |
| Evaluate the snippet on the given inputs. More... | |
 Public Member Functions inherited from InjectPayload | |
| InjectPayload (const string &nm, int4 tp) | |
| Construct for use with restoreXml. | |
| int4 | getParamShift (void) const |
| Get the number of parameters shifted. | |
| bool | isDynamic (void) const |
| Return true if p-code in the injection is generated dynamically. | |
| bool | isIncidentalCopy (void) const |
| Return true if any injected COPY is considered incidental. | |
| int4 | sizeInput (void) const |
| Return the number of input parameters. | |
| int4 | sizeOutput (void) const |
| Return the number of output parameters. | |
| InjectParameter & | getInput (int4 i) |
| Get the i-th input parameter. | |
| InjectParameter & | getOutput (int4 i) |
| Get the i-th output parameter. | |
| virtual | ~InjectPayload (void) |
| Destructor. | |
| virtual void | inject (InjectContext &context, PcodeEmit &emit) const =0 |
| virtual void | restoreXml (const Element *el) |
| Restore this payload from an XML stream. More... | |
| virtual void | printTemplate (ostream &s) const =0 |
| Print the p-code ops of the injection to a stream (for debugging) | |
| string | getName (void) const |
| Return the name of the injection. | |
| int4 | getType (void) const |
| Return the type of injection (CALLFIXUP_TYPE, CALLOTHERFIXUP_TYPE, etc.) | |
Private Member Functions | |
| void | build (void) |
| Initialize the Emulate object with the snippet p-code. | |
Private Attributes | |
| Architecture * | glb |
| The Architecture owning this snippet. | |
| string | source |
| Description of the source of this snippet. | |
| bool | built |
| Whether build() method has run, setting up the emulator. | |
| EmulateSnippet | emulator |
| The emulator. | |
| vector< uintb > | inputList |
| Temporary ids of input varnodes. | |
| vector< uintb > | outputList |
| Temporary ids of output varnodes. | |
| PcodeEmit * | emitter |
| Emitter (allocated temporarily) for initializing the emulator. | |
Additional Inherited Members | |
| Public Types inherited from InjectPayload | |
| enum | { CALLFIXUP_TYPE = 1, CALLOTHERFIXUP_TYPE = 2, CALLMECHANISM_TYPE = 3, EXECUTABLEPCODE_TYPE = 4 } |
| Protected Member Functions inherited from InjectPayload | |
| void | orderParameters (void) |
| Assign an index to parameters. More... | |
| Static Protected Member Functions inherited from InjectPayload | |
| static void | readParameter (const Element *el, string &name, uint4 &size) |
| Read in an <input> or <output> XML tag describing an injection parameter. More... | |
| Protected Attributes inherited from InjectPayload | |
| string | name |
| Formal name of the payload. | |
| int4 | type |
| Type of this payload: CALLFIXUP_TYPE, CALLOTHERFIXUP_TYPE, etc. | |
| bool | dynamic |
| True if the injection is generated dynamically. | |
| bool | incidentalCopy |
| True if injected COPYs are considered incidental. | |
| int4 | paramshift |
| Number of parameters shifted in the original call. | |
| vector< InjectParameter > | inputlist |
| List of input parameters to this payload. | |
| vector< InjectParameter > | output |
| List of output parameters. | |
Detailed Description
A snippet of p-code that can be executed outside of normal analysis.
Essentially a p-code script. The p-code contained in this snippet needs to be processor agnostic, so any register Varnodes must be temporary (out of the unique space) and any control-flow operations must be contained within the snippet (p-code relative addressing). Input and output to the snippet/script is provided by standard injection parameters. The class contains, as a field, a stripped down emulator to run the script and a convenience method evaluate() to feed in concrete values to the input parameters and return a value from a single output parameter.
Constructor & Destructor Documentation
| ExecutablePcode::ExecutablePcode | ( | Architecture * | g, |
| const string & | src, | ||
| const string & | nm | ||
| ) |
Constructor.
- Parameters
-
g is the Architecture owning snippet src is a string describing the source of the snippet nm is the formal name of the snippet
Member Function Documentation
| uintb ExecutablePcode::evaluate | ( | const vector< uintb > & | input | ) |
Evaluate the snippet on the given inputs.
The caller provides a list of concrete values that are assigned to the input parameters. The number of values and input parameters must match, and values are assigned in order. Input parameter order is determined either by the order of tags in the defining XML. This method assumes there is exactly 1 relevant output parameter. Once the snippet is executed the value of this parameter is read from the emulator state and returned.
- Parameters
-
input is the ordered list of input values to feed to this script
- Returns
- the value of the output parameter after script execution
References build(), emulator, Emulate::executeCurrentOp(), Emulate::getHalt(), EmulateSnippet::getTempValue(), inputList, outputList, EmulateSnippet::resetMemory(), and EmulateSnippet::setVarnodeValue().
Referenced by JumpAssisted::buildAddresses(), JumpAssisted::buildLabels(), SegmentOp::execute(), and JumpAssisted::recoverModel().
The documentation for this class was generated from the following files:
- pcodeinject.hh
- pcodeinject.cc
